AssetEdrEvent

JSON representation

An EDR event associated with an asset as delivered to the UI. To convey EDR events internally within the server, use AssetRawEdrEvent instead.

JSON representation

JSON representation
{ "eventTime": string, "displayName": string, "chip": { object (`Chip`) }, "filterProperties": { object (`FilterProperties`) }, "sidebarEntries": [ { object (`SidebarEntry`) } ], "rawLogsToken": string, "assetIndicator": { object (`AssetIndicator`) }, "fileNames": [ string ] }

{ "eventTime": string, "displayName": string, "chip": { object (Chip) }, "filterProperties": { object (FilterProperties) }, "sidebarEntries": [ { object (SidebarEntry) } ], "rawLogsToken": string, "assetIndicator": { object (AssetIndicator) }, "fileNames": [ string ] }

Fields
`eventTime`	`string (Timestamp format)` Date/time of the event. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.
`displayName`	`string` The canonical string to display for the event.
`chip`	`object (Chip)` The chip to display.
`filterProperties`	`object (FilterProperties)` A list of filter properties associated the event.
`sidebarEntries[]`	`object (SidebarEntry)` All the sidebar entries.
`rawLogsToken`	`string` A token to request raw logs, this is opaque to the client. If empty, no raw logs can be requested.
`assetIndicator`	`object (AssetIndicator)` AssetIndicator used for pivoting.
`fileNames[]`	`string` This field is only used for hash view timeline: it contains the file names associated with the queried file hash.

AssetEdrEvent Stay organized with collections Save and categorize content based on your preferences.

AssetEdrEvent